CVE-2008-4068 (retired)

Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12allows remote attackers to bypass "restrictions imposed on local HTMLfiles," and obtain sensitive information and prompt users to write thisinformation into a file, via directory traversal sequences in a resource:URI.